Mobile endpoint security built on one of the world's largest mobile threat datasets.
The Lookout mark - a fanned green "L" suggesting a horizon scan. San Francisco, California. Founded 2007 by John Hering, Kevin Mahaffey & James Burgess.
Lookout, Inc. is a San Francisco cybersecurity company that protects the device most enterprises still treat as an afterthought: the smartphone. Its software watches for phishing links, scam texts, malicious apps, network attacks and signs of device compromise across the phones and tablets that employees use for work - whether the company owns them or not.
The premise is simple and slightly uncomfortable. A modern executive can approve a wire transfer, read privileged email and hold multi-factor authentication codes on a device that sits, unmanaged, in a coat pocket. Attackers know this. The fastest way past a hardened corporate network is often a convincing text message.
Lookout's answer is mobile threat defense delivered from the cloud. An app on the device streams risk signals; Lookout's backend compares them against telemetry drawn from hundreds of millions of devices and apps collected over nearly two decades. When something looks wrong - a phishing page, a repackaged app, a jailbroken handset - the platform flags it and can block access before damage is done.
That dataset is the quiet advantage. A competitor can write similar detection logic in months, but it cannot manufacture years of mobile threat history overnight. The scale is what lets Lookout separate a genuine attack from an ordinary Tuesday.
The company also sells that intelligence directly. Its threat research team has publicly exposed nation-state surveillance campaigns, and its data feeds are used by other security vendors and government agencies who want to understand the mobile threat landscape rather than merely react to it.
Mobile threat defense across managed and BYOD fleets - protection against phishing, malicious apps, device compromise, risky networks and OS vulnerabilities.
Uses large language models to judge the intent and context of texts from unknown senders, catching social engineering that carries no malicious link. Opt-in and privacy-preserving.
Research and feeds derived from Lookout's mobile dataset, licensed to enterprises, governments and fellow security vendors tracking APT and surveillanceware campaigns.
Proactive detection of executive-impersonation and SMS phishing attacks aimed at the high-value employees attackers most want to fool.
Lookout runs a B2B SaaS subscription model. Enterprises, telecom carriers and government agencies pay per device or per seat on annual and multi-year contracts, and Lookout licenses its threat-intelligence data to partners on top. It reaches customers directly and through carrier and channel relationships.
The strategy over the past few years has been subtraction. Lookout divested its consumer app in 2023 and sold its cloud Security Service Edge business to Fortra in May 2025 - shedding adjacent markets to become a pure-play mobile security company.
"This strategic step builds on the foundation of our earlier partnership with Fortra, further aligning our shared vision for the future."
Backers include Andreessen Horowitz, Accel, Khosla Ventures, Greylock, Index Ventures, Deutsche Telekom, T-Mobile, Qualcomm Ventures & Bezos Expeditions.
Who its customers are. More than 2,000 enterprise and government organizations rely on Lookout, including major telecom carriers, large technology firms, financial-services and healthcare companies, and public-sector agencies. Before divesting that unit in 2023, its consumer app protected well over 100 million people - the source of much of the dataset it still draws on.
The problems it solves. Corporate security has hardened laptops and servers while leaving mobile relatively exposed. Lookout closes that gap: mobile phishing and smishing, credential theft, malicious or repackaged apps, jailbroken and compromised devices, and executive-impersonation scams that arrive as ordinary-looking texts.
How it's different. Two things. First, the dataset - years of mobile telemetry that makes detections sharper. Second, its move to read intent, not just indicators. Where legacy filters look for a bad URL or spoofed sender, Smishing AI evaluates what a message is actually trying to do, catching link-free social engineering that slips past everyone else.
Where it fits in the market. Lookout sits in mobile threat defense (MTD), competing with Zimperium, Jamf (Wandera), Microsoft Defender for mobile, Check Point Harmony Mobile and CrowdStrike's mobile offering. By exiting SSE, it traded a crowded fight against Zscaler and Netskope for focus on the niche it helped create.
USC classmates John Hering, Kevin Mahaffey and James Burgess prove Bluetooth vulnerabilities - reportedly pulling data from celebrities' phones at the Academy Awards - and start Lookout.
Lookout's mobile security app grows to tens of millions of users across Android and iOS.
The Akamai and Juniper veteran takes over to steer Lookout toward enterprise and government customers.
Lookout packages its mobile threat defense as a dedicated enterprise product.
Enters the Security Service Edge market with a cloud-native security purchase.
Sells its consumer unit to focus entirely on enterprise and government.
Divests cloud SSE to Fortra and debuts the industry's first AI-powered SMS phishing defense.
Lookout's expertise is mobile risk - understanding how phones get attacked and turning that understanding into detection at scale. The founding team came from a research-and-curiosity background, earning a spot on Inc. Magazine's 30 Under 30. In 2014, enterprise operator Jim Dolce joined to convert that technical depth into a company that governments and Fortune 500 security teams would buy from. The pairing - hacker instinct plus enterprise discipline - still describes the place.
"Smishing AI is a powerful example of using AI to combat AI."
Lookout provides mobile endpoint security and threat intelligence, protecting enterprise and government smartphones and tablets from phishing, malicious apps, device compromise and social-engineering attacks.
Lookout was founded in 2007 by John Hering, Kevin Mahaffey and James Burgess, who met as classmates at USC.
No. Lookout divested its consumer business in 2023 and sold its cloud SSE business to Fortra in 2025. It is now a pure-play enterprise mobile security company.
Launched in 2025, it is an opt-in, privacy-preserving feature that uses large language models to detect SMS phishing by analyzing message intent and context, not just malicious links.
Jim Dolce is CEO and Chairman of the Board. He joined in March 2014 from a background at Akamai and Juniper Networks.